For linux noobs and wannabees like me

5.22.2006

Peeping Tom Setup (Qmail, Vpopmail)

This sends copies of all incoming and outgoing mail on the mail server (qmail) to a vpopmail user (that is, for someone who wants to read the mail via vpopmail).

Pre-requisites:
Install everything you need: Qmailrocks.org has excellent, even-noobs-can-do-this instructions.

After shock steps:
1. Go to the qmail source directory. In extra.h, set QUEUE_EXTRA to "T", followed by the recipient name, followed by "\0". (Now don't act too noobish! Replace the recipient name with a valid linux user.) Then set QUEUE_EXTRALEN to the length of the recipient name (in characters) plus "2". ('T' and '\0' count as one each.)
[root@mail qmail-1.03]# cat extra.h
#ifndef EXTRA_H
#define EXTRA_H
#define QUEUE_EXTRA "Tpeeping.tom\0"

#define QUEUE_EXTRALEN 13
#endif


2. Create a linux user with the same name as your recipient.
[root@mail qmail-1.03]# useradd peeping.tom

3. Create a Maildir directory for your recipient. This is where mails will be delivered to.
[root@mail qmail-1.03]# su - peeping.tom
[peeping.tom@mail ~]# maildirmake Maildir

4. Create a .qmail-peeping.tom file under /var/qmail/alias/.
[root@mail ~]# cat /var/qmail/alias/.qmail-peeping.tom
~/Maildir/

5. Recompile qmail. Stop qmail before recompiling.
[root@mail qmail-1.03]# qmailctl stop
[root@mail qmail-1.03]# make server setup
[root@mail qmail-1.03]# qmailctl start

By this time, you can see files under the Maildir/new directory of the recipient. To forward them to a vpopmail user, just copy these files to the Maildir/new directory of the vpopmail user. Make sure to change the ownership of those files after the transfer to allow access by the vpopmail service.
[root@mail new]# chown vpopmail.vchkpw /home/vpopmail/domains/mydomain.com/peeping.tom/Maildir/new/*
[root@mail new]# chown vpopmail.vchkpw /home/vpopmail/domains/mydomain.com/peeping.tom/Maildir/cur/*

Tips:
- You can now use Horde+Imp to access these emails via IMAP server.
- You can use crontab to automate the transfer of files/emails to the vpopmail user.

5.19.2006

Remnants of a MS user

Links to Configure Log Shipping on SQL Server 2000:
Part 1 - http://www.microsoft.com/technet/prodtechnol/sql/2000/maintain/logship1.mspx
Part 2 - http://www.microsoft.com/technet/prodtechnol/sql/2000/maintain/logship2.mspx

5.09.2006

sshd Security Basics

On the sshd_config file, configure the following:

1. Disable root account login
PermitRootLogin no

2. Disable Protocol 1
Protocol 2
Here's the reason for disabling it, the Protocol 1 exploit: http://www.ciac.org/ciac/techbull/CIACTech02-001.shtml

3. List allowed users and groups
AllowUsers <user_name_pattern1><space><user_name_pattern2><space><user_name_pattern3>
AllowGroups <grp_name_pattern1><space><grp_name_pattern2><space><grp_name_pattern3>

4. Disconnect a connection that has not logged in successfully within a specified time interval (in seconds)
LoginGraceTime 20

5. Do not allow blank passwords
PermitEmptyPasswords no
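
A quick way to check a host against the five settings above, as an added example (not part of the original post). The function names, the sample config and the use of 20 seconds as a LoginGraceTime ceiling are assumptions made for illustration; a keyword that is absent from the global section is reported as not set rather than assumed safe.

```python
# Added example: audit sshd_config text against the five settings listed above.
# SAMPLE is constructed for illustration, not taken from a real host.
SAMPLE = """\
Protocol 2
permitrootlogin yes
PermitRootLogin no
LoginGraceTime 20
AllowUsers alice bob
Match User alice
    PermitEmptyPasswords no
"""

def parse_global(text):
    """Map lower-cased keyword -> value for the global part of the file.

    Keywords are case-insensitive, the first value obtained for a keyword
    is the one kept, and lines after a Match line apply only conditionally.
    """
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()
        if key == "match":
            break
        settings.setdefault(key, parts[1].strip() if len(parts) > 1 else "")
    return settings

def audit(text, max_grace=20):
    """Return {keyword: observed value or None} for each failed check.

    max_grace=20 reuses the page's LoginGraceTime value as a ceiling (an
    assumption); only plain-seconds values are understood.
    """
    s = parse_global(text)
    bad = {}
    for key, want in (("permitrootlogin", "no"), ("protocol", "2"),
                      ("permitemptypasswords", "no")):
        if s.get(key, "").lower() != want:
            bad[key] = s.get(key)
    if "allowusers" not in s and "allowgroups" not in s:
        bad["allowusers/allowgroups"] = None
    grace = s.get("logingracetime", "")
    if not grace.isdigit() or not 0 < int(grace) <= max_grace:
        bad["logingracetime"] = grace or None
    return bad

if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print("FAIL %-24s %s" % (key, value if value is not None else "(not set)"))
```

On the sample, the earlier `permitrootlogin yes` line wins over the later `no`, and `PermitEmptyPasswords` counts as unset because it appears only inside a Match block. Current OpenSSH releases no longer support protocol 1, so a missing `Protocol` line is expected there.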

Add-ons:

1. No logins for known users such as admin, test, guest, user, webmaster, postgres, mysql, www, apache, backup, web, nobody, etc.

root@localhost> passwd -l <user_name>

2. Restrict host access to the ssh service (port 22) if possible (Done via iptables)

3. Make use of chroot. http://chrootssh.sourceforge.net/

4. Configure key-based authentication. http://www.ssh.com/support/documentation/online/ssh/adminguide/32/Public-Key_Authentication-2.html